[Bug] System.Net.Http.HttpRequestException was thrown intermittently when acquire token about microsoft-authentication-library-for-dotnet HOT 4 OPEN

The error does come from MSAL's HttpClient request to the STS, but the strack trace is not sufficient to understand what is happening. It could be an error from the server (400 or 401 response) which MSAL transforms in MsalServiceException, a timeout, bad HTTP call (maybe the region string is bad?).

Next steps:

• Can you try to isolate the exception message ?
• It would also help to have some basic logs from the affected machines.
• Does the issue happen only in 1 region?

from microsoft-authentication-library-for-dotnet.

Unfortunately, we don't have any isolated exception to investigate. (We will add more telemetry around it)
The callback was captured from OS events during process crashes. It did happen across 21 regions according to our logs.
Since the ests-r has been turned off, now, we are flagged in s360. Any guidance for next step? Thanks!

from microsoft-authentication-library-for-dotnet.

Guidance would be to add logging and some monitoring as well, and run in pre-prod env or in a low traffic env to identify the root cause.

How is it failing in the 21 regions? All 100% of calls fail? This would indicate that the region strings are wrong. See here for region list.

Also, regional auth is fully tied to sending certificate chain. Not sure why it's an option in your code, but that flag should always be true.

from microsoft-authentication-library-for-dotnet.

The issue did happen across regions. But it doesn't seem to be 100% fail but an intermittent issue. I am working on adding the logs and monitoring and will let you know once I have more details.

Regarding the option of sending certificate chain, I believe we can safely remove it since it was enabled by default

from microsoft-authentication-library-for-dotnet.